On Thu, Apr 23, 2015 at 10:59:53AM +0000, Tirumaleswar Reddy (tireddy) wrote:
> > -----Original Message-----
> > From: dns-privacy [mailto:[email protected]] On Behalf Of Ilari
> > Liusvaara
> > Sent: Thursday, April 23, 2015 3:25 PM
> > To: Simon Josefsson
> > Cc: Watson Ladd; [email protected]; Warren Kumari
> > Subject: Re: [dns-privacy] Call for Adoptions on the 3 documents.
> >
> > - Does DNS-over-DTLS need some sort of channel identifier in queries
> > (taking place of the 5-tuple)? To deal with things like client IP
> > address/portrange changes or client socket being dropped[1].
>
> (D)TLS supports session resumption without server side state
> https://tools.ietf.org/html/rfc5077
It is still 1RTT.

Also, it occurs to me that if there is NAT with non-sticky behaviour with UDP DNS (UDP DNS might very well be special-cased), things are not going to work at all without channel identifier (because the ports change constantly).

Dunno if such middleboxes exist, or if they exist, how common those are.

-Ilari
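Added example, not part of the thread above and not code from any DNS-over-DTLS implementation: a toy model of the demultiplexing problem the two messages discuss. A server that identifies a DTLS session only by the UDP 5-tuple loses the session whenever a non-sticky NAT rewrites the source port, and every recovery costs at least one handshake round trip even with RFC 5077 tickets; a server that indexes sessions by an explicit channel identifier carried in each record can simply update the stored address. The `Session`, `Record` and `ToyDtlsServer` types, the `channel_id` field, the addresses and the NAT port sequences are all constructed for illustration and are not DTLS wire format.

```python
# Added example (not from the dns-privacy thread): a toy model of how a
# DNS-over-DTLS server finds the session for an incoming datagram, comparing
# lookup by the UDP 5-tuple with lookup by a per-session channel identifier.
# Sessions, records, addresses and the NAT behaviour are all constructed for
# illustration; nothing here is real DTLS.

import itertools
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# (proto, src_ip, src_port, dst_ip, dst_port)
FiveTuple = Tuple[str, str, int, str, int]

SERVER = ("203.0.113.53", 853)  # constructed resolver address (assumption)


@dataclass
class Session:
    channel_id: int        # identifier agreed at handshake (assumed field)
    client_label: str      # who the session belongs to (demo only)
    five_tuple: FiveTuple  # address the server last saw this session on


@dataclass
class Record:
    src_ip: str
    src_port: int
    channel_id: Optional[int]  # None when the protocol carries no channel id
    payload: str


class ToyDtlsServer:
    """Demultiplexes incoming datagrams to sessions.

    use_channel_id=False models plain DTLS as described in the thread: the
    session is keyed only by the 5-tuple, so any change in the client's
    apparent address/port makes the datagram unroutable.
    use_channel_id=True models the 'channel identifier in queries' the
    e-mail asks about: sessions are keyed by that id, and the stored
    5-tuple is updated when the peer address moves.
    """

    def __init__(self, use_channel_id: bool):
        self.use_channel_id = use_channel_id
        self.by_tuple: Dict[FiveTuple, Session] = {}
        self.by_cid: Dict[int, Session] = {}
        self._cids = itertools.count(1)
        self.handshakes = 0  # each one is at least 1 RTT, tickets or not

    def handshake(self, client_label: str, src_ip: str, src_port: int) -> Session:
        # A (possibly resumed) handshake is the only way a new 5-tuple becomes
        # known to the server when there is no channel identifier.
        self.handshakes += 1
        ft = ("udp", src_ip, src_port, SERVER[0], SERVER[1])
        s = Session(next(self._cids), client_label, ft)
        self.by_tuple[ft] = s
        self.by_cid[s.channel_id] = s
        return s

    def lookup(self, rec: Record) -> Optional[Session]:
        ft = ("udp", rec.src_ip, rec.src_port, SERVER[0], SERVER[1])
        if self.use_channel_id and rec.channel_id is not None:
            s = self.by_cid.get(rec.channel_id)
            if s is not None and s.five_tuple != ft:
                # Peer address changed (NAT rebinding): migrate the session.
                self.by_tuple.pop(s.five_tuple, None)
                s.five_tuple = ft
                self.by_tuple[ft] = s
            return s
        return self.by_tuple.get(ft)


def simulate(use_channel_id: bool, nat_ports) -> Tuple[int, int]:
    """Send one query per NAT port after an initial handshake on nat_ports[0].

    Returns (queries matched to the existing session, handshakes performed).
    A non-sticky NAT is modelled by giving a different port for every datagram.
    """
    server = ToyDtlsServer(use_channel_id)
    nat_ip = "198.51.100.7"  # constructed NAT public address (assumption)
    sess = server.handshake("client-A", nat_ip, nat_ports[0])
    delivered = 0
    for port in nat_ports[1:]:
        cid = sess.channel_id if use_channel_id else None
        found = server.lookup(Record(nat_ip, port, cid, "query"))
        if found is sess:
            delivered += 1
        else:
            # No session for this 5-tuple: the client has to handshake again.
            sess = server.handshake("client-A", nat_ip, port)
    return delivered, server.handshakes


if __name__ == "__main__":
    rebinding = [40000, 40001, 40002, 40003, 40004]  # constructed port sequence
    print("5-tuple only, non-sticky NAT:", simulate(False, rebinding))
    print("channel id,   non-sticky NAT:", simulate(True, rebinding))
    print("5-tuple only, sticky NAT:    ", simulate(False, [40000] * 5))
```

With the 5-tuple-only server and a NAT that changes the port on every datagram, no query after the first reaches the existing session and the client ends up handshaking five times; with a channel identifier the single session survives all four rebindings. Behind a sticky NAT the 5-tuple-only server works fine, which is why the question in the thread turns on how common non-sticky UDP handling actually is.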
